"Policy could not be compiled" error, with policy services
search cancel

"Policy could not be compiled" error, with policy services

book

Article ID: 249718

calendar_today

Updated On:

Products

ProxySG Software - SGOS

Issue/Introduction

Seeing the following message in the eventlog post upgrade: "% Policy compile had errors" received when updating the Policy Services db.  

Resolution

Post upgrade to SGOS 7.x, if you are seeing the following in the eventlog: 

Date:Time 9 Unexpected transaction termination on URL((null)), client IP(x.x.x.x), server IP(not available): Policy could not be compiled, possibly due to an upgrade problem
Date:Time 19 Unexpected transaction termination on URL((null)), client IP(x.x.x.x), server IP(not available): Policy could not be compiled, possibly due to an upgrade problem
Date:Time  42 Unexpected transaction termination on URL((null)), client IP(x.x.x.x), server IP(not available): Policy could not be compiled, possibly due to an upgrade problem
Date:Time  56 Unexpected transaction termination on URL((null)), client IP(x.x.x.x), server IP(not available): Policy could not be compiled, possibly due to an upgrade problem
Date:Time  2 Unexpected transaction termination on URL(ssl://<Website>:443/), client IP(x.x.x.x), server IP(not available): Policy could not be compiled, possibly due to an upgrade problem
Date:Time  1 Unexpected transaction termination on URL(ssl://<Website>:443/), client IP(x.x.x.x), server IP(not available): Policy could not be compiled, possibly due to an upgrade problem
The  policy services db download error is linked with a possible upgrade problem. There is a possibly that some policy component may have been broken during the upgrade, triggering the "policy could not be compiled" error received.

To resolve this error on the affected appliance, we recommend to have the SGOS 7.x.x.x installed system removed and the upgrade repeated with a fresh image, using the CLI method.

To upgrade SGOS from CLI, please refer to the guidance detailed in the Tech. Article with the URL below.

Upgrade or Downgrade Edge SWG (ProxySG) or Advanced Secure Gateway using the Command Line Interface

Notes on Policy Services:

Symantec’s Policy Services feature delivers Content Security and Access Security policies to the appliance. These policies provide a comprehensive security solution that blocks malware and web threats, and enables compliance to network security policies. Use this feature to implement best-practices security coverage, and to facilitate setup, deployment, and testing of policies.

Policy Services is available on all supported ProxySG appliances with a valid base license. No additional subscription is required to use the policy; however, the Policy Services subscription should be used to keep the policy up to date. The subscription is enabled by default.

To keep the subscription active, make sure that your Symantec support contract is valid.

 

Powered by Wolken Software